US8316419B2 - System for controlled access to information contained in a terminal - Google Patents

System for controlled access to information contained in a terminal Download PDF

Info

Publication number
US8316419B2
US8316419B2 US11/632,009 US63200905A US8316419B2 US 8316419 B2 US8316419 B2 US 8316419B2 US 63200905 A US63200905 A US 63200905A US 8316419 B2 US8316419 B2 US 8316419B2
Authority
US
United States
Prior art keywords
terminal
information
access
server
access conditions
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US11/632,009
Other languages
English (en)
Other versions
US20080046979A1 (en
Inventor
Rachid Oulahal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Orange SA
Original Assignee
France Telecom SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by France Telecom SA filed Critical France Telecom SA
Assigned to FRANCE TELECOM reassignment FRANCE TELECOM ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: OULAHAL, RACHID
Publication of US20080046979A1 publication Critical patent/US20080046979A1/en
Application granted granted Critical
Publication of US8316419B2 publication Critical patent/US8316419B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • the present invention relates to a system for controlled access to information contained in a terminal of a user of a telecommunications network. It also relates to a terminal containing controlled access information and to a privacy server of a telecommunications network.
  • the invention finds a particularly advantageous application in the field of mobile telephony.
  • mobile terminals can contain information over which users wish to be able to control access in order to limit the distribution thereof.
  • This information is usually of a personal kind as it generally concerns the private life of the user.
  • Information to which access is liable to be subject to control includes the geographical location of the terminal and the user's availability or indeed contacts list.
  • a first approach is to locate the terminal by identifying the cell in which it is situated.
  • the resulting location is relatively coarse but may be refined by triangulation using a plurality of adjacent cells.
  • a second approach is to equip the terminal with a satellite positioning system such as the GPS (Global Positioning System).
  • the terminal is then located relative to a plurality of satellites and not relative to the telecommunications network itself. That positioning system is accurate but costly to implement.
  • the third approach is a hybrid approach that consists of GPS location that is assisted by the network in the sense that, to accelerate the GPS location process, the GPS system of the terminal receives information concerning its approximate position from the network.
  • the standards relating to locating the users of mobile telephone networks recommend that the agreement of the person to be located should be verified first, before supplying this location information to a third party requesting it.
  • the expression “third party” may refer to an application, an individual, or a body corporate, etc. needing to know the geographical location of the user, for example a service for supplying a list of places (restaurants, cinemas, etc.) near the user's location.
  • 3GPP-TS 23.271 version 6.7.0 release 6 is one example of a standard that defines a model architecture for managing information impacting on the private lives of users, and in particular their geographical locations if established by the telecommunications network itself, using the first above-mentioned approach to location.
  • access conditions refers equally to authorization to access all or some of said information and to ways of accessing some or all of that information when access is authorized.
  • the server verifies that the application is authorized to access the information. It bases this verification on the access conditions that the user has previously defined in the privacy server. If the application is in fact authorized to know the location of the user, then the location server actually determines the user's location and communicates the result to the application that has requested it.
  • One aspect of the present invention is directed to a system for controlled access to information contained in a terminal of a user of a telecommunications network, comprising:
  • the system further comprises a security module in the terminal adapted to receive said access conditions from the privacy server at the time of a request to access said information.
  • the conditions for access to the information are centralized in a single database, namely that of the privacy server of the network.
  • the user communicates with the operator of the network by the most appropriate means. This might include an SMS type short message, a web or WAP page or a GPRS type data connection, or even be part of the subscription process. There is therefore no necessity to duplicate this access control information once it has been supplied to the privacy server of the network.
  • the service is uniform overall because it is independent of differences between manufacturers with regard to the level of privacy integrated into the terminal.
  • controlled access system is particularly well optimized because, following a first access request from an application, the access conditions associated with that application are transferred to the security module of the terminal which then manages subsequent access requests, for as long as said access conditions remain valid, which avoids necessarily consulting the privacy server of the network on each access request, and therefore avoids overloading the network.
  • the privacy server can be adapted to update the security module automatically at the time of a modification of said access conditions. Preferential synchronization of the security module of the terminal to the privacy server of the network is obtained in this way.
  • the security module can receive the access conditions exclusively at the time of a first access request or at the time of modification of said conditions by the user.
  • a user terminal of a telecommunications network containing controlled access information is noteworthy in particular in that said terminal includes a security module adapted to receive conditions for access to said information from a privacy server of said network at the time of a first request for access to said information.
  • a privacy server of a telecommunications network is noteworthy in particular in that it is adapted to supply to a security module of a user terminal of said network containing controlled access information conditions for access to said information at the time of a first request to access said information.
  • FIG. 1 is a diagram of a system according to the invention for controlled access to information.
  • FIG. 1 represents a system for controlled access to information that can be supplied by an information server 11 of a terminal 10 of a user of a telecommunications network R, such as a mobile telephone network.
  • the information contained in the server 11 may relate to the geographical location of the terminal 10 or the contacts list or availability of the user, and more generally may consist of any information access to which by third parties, in particular by applications 30 that require to know some or all of this information, the user wishes to be able to control.
  • this application may be a remote application or one implemented directly in the terminal 10 .
  • a privacy server 20 in the network R of the conditions that the user intends to impose on third parties in the event of a request to access certain information contained in the server 11 .
  • the ergonomics of this access to the privacy server 20 from the terminal 10 may be of any kind and will generally take the form of a blank form to be filled in (web page, SMS message, GPRS message, etc.).
  • the access conditions for each third party or application consist, firstly, of an authorization to access some or all of the information and, secondly, of ways of accessing the information if access is authorized.
  • the ways of accessing the information may be as follows (this list is not limiting on the invention):
  • the terminal 10 forwards the request to the privacy server 20 .
  • the server 20 informs the terminal 10 of the access conditions relating to the application 30 that originated the request. Those conditions are stored in a security module 12 of the terminal 10 .
  • the terminal 10 interrogates the security module 12 directly and locally to find out the access conditions for this request without having to consult the privacy server 20 on the network R again. Provided that the access conditions continue to be verified, the terminal then responds appropriately to the access request (arrows 5 ).
  • the user can at any time modify the access conditions initially imposed on some particular third party or application.
  • the user contacts the privacy server 20 again, using the same ergonomics as before, and communicates to it the new access conditions.
  • the security module 12 is updated or synchronized automatically and immediately by the server 20 ready for a new access request.
  • the server can then send the user a blank form for defining the conditions that the user intends to impose on that application.
  • a simple interface in the terminal 10 then enables the user to block access by the application to the information contained in the server 11 . Likewise, this simple interface in the terminal should allow restricted modification of the access conditions by the user. In this case, synchronization with the privacy server 20 will be triggered.
  • the privacy server 20 will preferably keep a record of the communication of access conditions to the security module 12 .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Storage Device Security (AREA)
US11/632,009 2004-07-09 2005-06-24 System for controlled access to information contained in a terminal Active 2029-01-23 US8316419B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0451484 2004-07-09
FR0451484A FR2872979A1 (fr) 2004-07-09 2004-07-09 Systeme d'acces controle a des informations contenues dans un terminal
PCT/FR2005/001614 WO2006016025A1 (fr) 2004-07-09 2005-06-24 Systeme d’acces controle a des informations contenues dans un terminal

Publications (2)

Publication Number Publication Date
US20080046979A1 US20080046979A1 (en) 2008-02-21
US8316419B2 true US8316419B2 (en) 2012-11-20

Family

ID=34946778

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/632,009 Active 2029-01-23 US8316419B2 (en) 2004-07-09 2005-06-24 System for controlled access to information contained in a terminal

Country Status (7)

Country Link
US (1) US8316419B2 (zh)
EP (1) EP1769653B1 (zh)
JP (1) JP2008506175A (zh)
KR (1) KR101119206B1 (zh)
CN (2) CN101860851A (zh)
FR (1) FR2872979A1 (zh)
WO (1) WO2006016025A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120144452A1 (en) * 2010-12-01 2012-06-07 Microsoft Corporation Managed dissemination of location data
US11062016B2 (en) * 2015-04-24 2021-07-13 Splunk Inc. Systems and methods for verifying user credentials for search

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7899039B2 (en) * 2008-02-15 2011-03-01 Cisco Technology, Inc. System and method for providing location and access network information support in a network environment
US8688112B2 (en) 2008-09-12 2014-04-01 Qualcomm Incorporated Neighboring cell search for mobile communication systems
US8755794B2 (en) 2008-12-05 2014-06-17 Qualcomm Incorporated System and method of sharing information between wireless devices
US8630622B2 (en) * 2009-12-07 2014-01-14 At&T Mobility Ii Llc Devices, systems and methods for location assistance verification
US8195778B1 (en) 2009-12-19 2012-06-05 Cisco Technology, Inc. System and method for providing mobility across access technologies in a network environment
US9215588B2 (en) 2010-04-30 2015-12-15 Cisco Technology, Inc. System and method for providing selective bearer security in a network environment
JP5679425B2 (ja) * 2010-11-26 2015-03-04 株式会社Nttドコモ 表示装置、開示制御装置、開示制御方法、及びプログラム
CN102625295A (zh) * 2011-01-28 2012-08-01 上海晨兴希姆通电子科技有限公司 手机安全上网系统及方法

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998052379A1 (en) 1997-05-16 1998-11-19 Telefonaktiebolaget Lm Ericsson Integrity protection in a telecommunications system
GB2353919A (en) 1999-09-02 2001-03-07 Nokia Mobile Phones Ltd A wireless communication terminal for accessing location information from a server
US6236996B1 (en) * 1997-10-31 2001-05-22 Sun Microsystems, Inc. System and method for restricting database access to managed object information using a permissions table that specifies access rights to the managed objects
WO2002019598A2 (en) * 2000-08-28 2002-03-07 Contentguard Holdings, Inc. Systems and methods for integrity certification and verification of content consumption environments
EP1193587A2 (en) 2000-09-27 2002-04-03 International Computers Ltd. Data protection
WO2002099556A2 (en) 2001-05-21 2002-12-12 Nokia Corporation Method and apparatus for managing and enforcing user privacy
WO2003030571A1 (en) 2001-10-02 2003-04-10 Wmode Inc. Method and system for delivering confidential information
US20030078053A1 (en) 2001-10-22 2003-04-24 Afshin Abtin Location privacy proxy
WO2003058994A1 (de) 2002-01-08 2003-07-17 Siemens Aktiengesellschaft Verbesserter datenschutz für positionabhängige dienste
US6757708B1 (en) * 2000-03-03 2004-06-29 International Business Machines Corporation Caching dynamic content
US20040172558A1 (en) * 2002-11-18 2004-09-02 Terrance Callahan Method and system for access control
US20040203845A1 (en) * 2002-03-22 2004-10-14 Lal Amrish K. Method and system for associating location specific data with data in a mobile database
US20050282557A1 (en) * 2004-06-17 2005-12-22 Nokia Corporation System and method for implementing a remote location acquisition application program interface
US20080301790A1 (en) * 2003-02-26 2008-12-04 Halasz David E Fast re-authentication with dynamic credentials

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH05314032A (ja) * 1992-05-08 1993-11-26 Matsushita Electric Ind Co Ltd 電子掲示板装置
ATE370619T1 (de) * 2000-04-14 2007-09-15 Alcatel Lucent Verfahren zur übertragung der lokalisierung der kommunikationsteilnehmern, ein kommunikationsnetzwerk, ein dienstkomputer und programmodule dafür
JP2004152251A (ja) * 2002-09-04 2004-05-27 Hitachi Ltd セキュリティに関する情報を更新する方法、クライアント、サーバ、及び管理端末
JP2006500657A (ja) * 2002-09-23 2006-01-05 クレダント テクノロジーズ インコーポレイテッド セキュリティポリシーの維持及び配信をサポートするためのサーバー、コンピュータメモリ、及び方法
JP4465952B2 (ja) * 2002-10-28 2010-05-26 富士ゼロックス株式会社 文書管理システムおよび方法

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998052379A1 (en) 1997-05-16 1998-11-19 Telefonaktiebolaget Lm Ericsson Integrity protection in a telecommunications system
US6236996B1 (en) * 1997-10-31 2001-05-22 Sun Microsystems, Inc. System and method for restricting database access to managed object information using a permissions table that specifies access rights to the managed objects
GB2353919A (en) 1999-09-02 2001-03-07 Nokia Mobile Phones Ltd A wireless communication terminal for accessing location information from a server
US6757708B1 (en) * 2000-03-03 2004-06-29 International Business Machines Corporation Caching dynamic content
WO2002019598A2 (en) * 2000-08-28 2002-03-07 Contentguard Holdings, Inc. Systems and methods for integrity certification and verification of content consumption environments
EP1193587A2 (en) 2000-09-27 2002-04-03 International Computers Ltd. Data protection
WO2002099556A2 (en) 2001-05-21 2002-12-12 Nokia Corporation Method and apparatus for managing and enforcing user privacy
US7340438B2 (en) * 2001-05-21 2008-03-04 Nokia Corporation Method and apparatus for managing and enforcing user privacy
WO2003030571A1 (en) 2001-10-02 2003-04-10 Wmode Inc. Method and system for delivering confidential information
US20030078053A1 (en) 2001-10-22 2003-04-24 Afshin Abtin Location privacy proxy
WO2003058994A1 (de) 2002-01-08 2003-07-17 Siemens Aktiengesellschaft Verbesserter datenschutz für positionabhängige dienste
US20040203845A1 (en) * 2002-03-22 2004-10-14 Lal Amrish K. Method and system for associating location specific data with data in a mobile database
US20040172558A1 (en) * 2002-11-18 2004-09-02 Terrance Callahan Method and system for access control
US20080301790A1 (en) * 2003-02-26 2008-12-04 Halasz David E Fast re-authentication with dynamic credentials
US20050282557A1 (en) * 2004-06-17 2005-12-22 Nokia Corporation System and method for implementing a remote location acquisition application program interface

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
3GPP TS 23.271 V6.7.0 (Mar. 2004) Technical Specification 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Functional stage 2 description of Location Services (LCS) (Release 6). *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120144452A1 (en) * 2010-12-01 2012-06-07 Microsoft Corporation Managed dissemination of location data
US9432381B2 (en) * 2010-12-01 2016-08-30 Microsoft Technology Licensing, Llc Managed dissemination of location data
US11062016B2 (en) * 2015-04-24 2021-07-13 Splunk Inc. Systems and methods for verifying user credentials for search
US11822640B1 (en) 2015-04-24 2023-11-21 Splunk Inc. User credentials verification for search

Also Published As

Publication number Publication date
FR2872979A1 (fr) 2006-01-13
KR20070030942A (ko) 2007-03-16
CN1985537A (zh) 2007-06-20
WO2006016025A1 (fr) 2006-02-16
KR101119206B1 (ko) 2012-03-08
JP2008506175A (ja) 2008-02-28
EP1769653A1 (fr) 2007-04-04
CN101860851A (zh) 2010-10-13
EP1769653B1 (fr) 2018-08-01
US20080046979A1 (en) 2008-02-21

Similar Documents

Publication Publication Date Title
US8316419B2 (en) System for controlled access to information contained in a terminal
US7079851B2 (en) Control method for information network system, information network system and mobile communication terminal
CN102428446B (zh) 数据备份系统
CN107925871A (zh) 移动运营商简档管理委托
JPH09510851A (ja) パーソナル通信サービス用の分散サービス管理システムおよび方法
CN101313555B (zh) 一种授权管理系统和方法及授权管理服务器
US20070147348A1 (en) Methods, systems, and computer program products for providing location information for VoIP emergency calling
US20060094445A1 (en) Method and apparatus of restricting data access
US9002743B2 (en) Method, system and server for managing data transmission
CN113259930A (zh) 调用的请求、查询、授权处理方法、设备及装置、介质
EP2544468B1 (en) Region access platform, mobile positioning method and system
US8326933B2 (en) Appearance package management method, system and device
US7139377B2 (en) Method of providing services to remote private terminals and an associated device
CN100525186C (zh) 通用鉴权框架及更新bsf中用户安全描述信息的方法
CN102075553A (zh) 一种基于SyncML的数据同步方法及设备
KR20000049859A (ko) 복합통신망을 이용하여 개인정보를 관리하기 위한 시스템
AU5173096A (en) Distributed service management system and method for personal communication services
WO2000038440A1 (en) Mobile communications network
CN112069474B (zh) 一种用户数据的使用和被遗忘方法以及第三方可信服务器
JP2008047951A (ja) 規制制御方法及び通信システム
JP2007180822A (ja) 通信制御装置、発信電話番号制御方法および発信電話番号制御プログラム
CN111401672A (zh) 一种基于区块链的合法性校验方法、设备及系统
CN113572906B (zh) 一种呼叫中心用通信系统中的设备接入终端
KR20090126839A (ko) 이동통신 시스템에서 송수신 데이터의 저장 장치 및 방법
KR101160361B1 (ko) 이동 단말기 서비스 제공 방법

Legal Events

Date Code Title Description
AS Assignment

Owner name: FRANCE TELECOM, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:OULAHAL, RACHID;REEL/FRAME:019873/0619

Effective date: 20070123

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 12TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1553); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 12